Trolltech Qt QBmpHandler BMP File Buffer Overflow Vulnerability



A vulnerability in the QBmpHandler component of Trolltech Qt could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition on a targeted system.

The vulnerability is due to improper processing of BMP files by the QBmpHandler component of the affected software. An attacker could exploit this vulnerability by persuading a user to access a BMP file that submits malicious input to the targeted system. A successful exploit could trigger a buffer overflow condition that the attacker could use to execute arbitrary code or cause a DoS condition.

Trolltech has confirmed the vulnerability and released software updates.

Security Impact Rating: High

CVE: CVE-2018-19873

Source:: Cisco Multivendor Vulnerability Alerts